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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.1 14, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.1 14, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on 07/30/2010 has been entered. 

This Office Action is in response to the application 10/752385 filed on 07/30/2010. 
Claims 3-5, 7, 9, 11, and 16-30 have been cancelled. 

Claims 1 and 8 have been amended. 

Claims 1-2, 6, 8, 10, and 12-15 have been examined and are pending. 
This Action is made Non-FINAL. 



Response to Arguments 

Applicant's arguments, see page 6, filed 07/30/2010, with respect to the 35 U.S.C. § 112, 
2 nd rejection of claims 8 have been fully considered. The 35 U.S.C. § 1 12, 2 nd rejection of claim 
8 has been withdrawn. 

The Applicant's arguments with respect to claims 1-2, 6, 8, 10, and 12-15 have been 
considered but are moot in view of the new ground(s) of rejection. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-2, 6, 8, and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 
Patent Number 6,081,900 (hereinafter Subramaniam) in view of US Patent Application 
Publication US 2003/0131259 Al (hereinafter Barton ) further in view US Patent Application 
Publication 2003/0061387 Al (hereinafter Brown). 

As per claim 1: 

Subramaniam teaches a method to manage secure communications implemented in a 
computer-readable medium and to execute on a proxy server, the method, comprising: 

(a) establishing, by the proxy server, a secure session on a secure site with an external 
client that communicates from an insecure site [Subramaniam : Col. 1, line 25 to Col. 2, line 
25; Col. 3 lines 35-50; Col. 3, line 66 to Col. 4 line 17]; 

(b) detecting, by the proxy server, access attempts during the secure session directed to 
insecure transactions, the insecure transactions identified as links to a site [Subramaniam : Col. 
1, line 25 to Col. 2, line 25; Col. 6, lines 40-60; By checking the IP address which the request 
was made, the target server 104 determines that the request came from outside the security 
parameter 102. The target server 104 check user permission against access control list 
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associated with the data"; fig. 1, Border server 106 includes URL transformer 108 and 
cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19] [[external (external site) to, 
not controlled by, and not recognized by the secure site, and the access attempts are directed to 
the insecure transactions having references to resources of the external site] ] ; and 

(c) transparently managing, by the proxy server, the access attempts by pre-acquiring 
content from the external site by accessing the links on behalf of the external client to pre- 
acquire the content and by scanning and inspecting the content within the secure site before 
determining whether the content should be made available to the external client during the secure 
session [Subramaniam : Col. 1, line 25 to Col. 2, line 25 Col. 6, lines 40-60; The target 
server 104 check user permission against access control list associated with the data, or 
take other steps to make sure the requesting user is entitled to access the request data 
before providing data"; fig. 1, Border server 106 includes URL transformer 108 and 
cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
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presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19; Col. 5; lines 25-27; "The 
secure network 100 includes one or more file or object or Web servers such as target server 
104"; figs. 1, 3; The target server 104 is in the secure network 100; Col. 10, lines 59-66; 
"The target server 104 can then transform any non-secure data 130 to the border server 
106 for subsequent transmission to the external client 112."]; 

Subramaniam does not explicit disclose wherein "the border server is external from the 
secure site, and at least one access attempt associated with at least one piece of the content that 
is scanned identifies a true insecure reference by determining that the true insecure reference is 
a particular reference that has been determined by the method to have had the piece of the 
content or metadata of the true insecure reference tampered with, and the true insecure 
reference is entirely removed from the content before the content is supplied to the external 
client and an event is reported as a custom warning inserted into the content supplied to the 
external client, the event identifies for the external client within the content that the true insecure 
reference was removed before being provided to the external client." 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In re Japikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 
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Barton discloses transferring data via a secure network connection, wherein at least one 
access attempt associated with at least one piece of the content that is scanned identifies a true 
insecure reference by determining that the true insecure reference is a particular reference that 
has been determined by the method to have had the piece of the content or metadata of the true 
insecure reference tampered with [Barton: par. [0012]; scanning code operable to scan said 
data at said proxy computer for illegal content (i.e. a true insecure reference); See also par. 
[0014], [0018]; par. [0033]; if illegal content is found (i.e. a true insecure reference has been 
tampered), then this trigger an appropriate action; fig. 4, par. [0039]. 

Barton further disclose a https proxy computer scanning for illegal content and triggering 
an appropriate action such as sending a warning webpage to client or issue of an alert to a 
network administrator [Barton: figs 4-5; par. [0033], [0039], [0040]]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
Subramaniam to ensure that a transferring data does not contain any illegal content by scanning 
for illegal content before data is delivered to a client [Barton: par. [0014]]. 

Subramaniam and Barton do not explicitly disclose "the true insecure reference is 
entirely removed from the content before the content is supplied to the external client and an 
event identifies for external client within a content that the true insecure reference was removed 
before being provided to the external client, the event identifies for the external client within the 
content that the true insecure reference was removed before being provided to the external 
client" Instead, Barton disclose a https proxy computer scanning for illegal content and 
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triggering an appropriate action such as sending a warning webpage to client or issue of an alert 
to a network administrator. 

However, in the same field of art. Brown teaches system and method for transcoding 
support of Web content over secure connection. In at least one of embodiment, Brown teaches 
step of executing an URL request with a modified request header, removing a set-cookie 
directive from header, and sending modified http response to a client [Brown: fig. 4, par. [0032- 
0041]; modified a request header' removed a set-cookie directive from http response. Set-cookie 
directives are not sent to client; Send modified http response to client]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Brown with the teaching of 
Subramaniam and Barton invention, by implementing "the true insecure reference is entirely 
removed from the content before the content is supplied to the external client and an event is 
reported as a custom warning inserted into the content supplied to the external client, the event 
identifies for the external client within the content that the true insecure reference was removed 
before being provided to the external client. " to allow for intervention of data being delivered 
across secure Internet connection as suggested by Brown [Brown: abstract: par. [0012]. 

As per claim 2: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as described 
above. 

Subramaniam further teaches the method of claim 1 wherein the detecting further 
includes translating any non-secure links into secure links for some of the insecure transactions 
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before presenting results of the access attempts to the external client [Subramaniam: Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 

As per claim 6: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as described 
above. 

Subramaniam further teaches the method of claim 1 wherein managing includes at least 
one or more of: 

issuing alerts [Subramaniam: Col. 11, lines 61-67], notifications [Subramaniam: Col. 

8, lines 40-57], or advisories to a monitoring entity or log. 

As per claim 8: 

Subramaniam teaches a method to manage secure communications implemented in a 
computer-readable medium and to execute on a proxy server, the method, comprising: 

(a) detecting, by the proxy server, insecure transactions occurring during a secure session, 
the insecure transactions result from actions requested by an external client participating in the 
secure session [Subramaniam : Col. 1, line 25 to Col. 2, line 25; Col. 6, lines 40-60; By 
checking the IP address which the request was made, the target server 104 determines that 
the request came from outside the security parameter 102]; 

(b) inspecting, by the proxy server, the insecure transactions in advance of satisfying the 
actions requested by pre-acquiring content associated with the insecure transactions before 
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making available to the external client , and the insecure transactions are associated with links to 
an external site [[located outside a secure site associated with the secure session]] , and content 
are pre-acquired from the external site via the links and inspected and scanned on behalf of the 
external client within the proxy server [Subramaniam : Col. 1, line 25 to Col. 2, line 25; Col. 
6, lines 46-60; A target server check user permissions against access control lists; fig. 1, 
Border server 106 includes URL transformer 108 and cache(s) 110; fig. 3; Border server 
106; Col. 9, lines 32-43; "The possibly repeated acts within the transmitting step 128 
involve sending one or more Web pages, files, or other pieces of non-secure data 130 from 
the target server 104 to the border server 106. The data 130 is non-secure in that it 
includes hypertext links, URLs, or other references which, if presented by the external 
client 112 to the secure network 100, ....which contain URLs specifying "http://" rather 
than "https://" in reference to data stored on the target server 104 are examples of non- 
secure data 130"; Col. 10, lines 10-19; Col. 5, lines 42-49; proxy servers]; and 

(c) making, by the proxy server, a determination based on the inspection for taking 
processing actions including one or more of the following: 

(d) permitting some of the insecure transactions to proceed unmodified by performing the 
actions requested for the external client; 

(d) permitting, by the proxy server, some of the insecure transactions to proceed in a 
modified fashion [Subramaniam : Col. 3, lines 66-67; Col. 4, lines 1-8; Transforming non- 
secure URLs (i.e. HTTP) into secure URLs (i.e. HTTPs)] . 

Subramaniam does not explicitly disclose "the border server is external from secure site, 
denying some of the insecure transactions by denying the actions requested, and some of the 
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insecure transactions that are denied are identified as references that have a World-Wide Web 
(WWW) cookie associated with their headers, and wherein these references are entirely removed 
from the content before the content is supplied to the external client and the references entirely 
removed are reported as custom warning to the external client as an event within the content, the 
event identifies for the external client within the content that the true insecure reference was 
removed before being provided to the external client. " 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In re Japikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 

Barton discloses transferring data via a secure network connection, wherein denying 
some of the insecure transactions by denying the actions requested, and some of the insecure 
transactions that are denied are identified as references [Barton: par. [0012]; par. [0014], the 
data is able to scanned for illegal content before it is delivered to the client; [0018]; par. 
[0033]; if illegal content is found, the this trigger an appropriate action; fig. 4, par. [0039]] 

Barton further disclose a https proxy computer scanning for illegal content and triggering 
an appropriate action such as sending a warning webpage to client or issue of an alert to a 
network administrator [Barton: figs 4-5; par. [0033], [0039], [0040]]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
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Subramaniam to ensure that a transferring data does not contain any illegal content by scanning 
for illegal content before data is delivered to a client [Barton: par. [0014]]. 

Subramaniam and Barton do not explicitly disclose "World-Wide Web (WWW) cookie 
associated with their headers, and these references are entirely removed from the content before 
the content is supplied to the external client and the references entirely removed are reported as 
custom warning messages to the external client as and an event identifies for external client 
within a content, the event identifies for the external client within the content that the true 
insecure reference was removed before being provided to the external client" Instead, Barton 
disclose a content that is scanned identifies a true insecure reference by determining that the true 
insecure reference is a particular reference that has been determined by the method to have had 
the piece of the content or metadata of the true insecure reference tampered with [Barton: par. 
[0012]; scanning code operable to scan said data at said proxy computer for illegal content 
(i.e. a true insecure reference); See also par. [0014], [0018]; par. [0033]; if illegal content is 
found (i.e. a true insecure reference has been tampered), then this trigger an appropriate 
action; fig. 4, par. [0039]; Barton further discloses a https proxy computer scanning for illegal 
content and triggering an appropriate action such as sending a warning webpage to client or 
issue of an alert to a network administrator [Barton: figs 4-5; par. [0033], [0039], [0040]]. 

However, in the same field of art, Brown teaches system and method for transcoding 
support of Web content over secure connection. In at least one of embodiment, Brown teaches 
step of executing an URL request with a modified request header, removing a set-cookie 
directive from header, and sending modified http response to a client [Brown: fig. 4, par. [0032- 
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0041]; modified a request header' removed a set-cookie directive from http response. Set-cookie 
directives are not sent to client; Send modified http response to client]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Brown with the teaching of 
Subramaniam and Barton invention, by implementing "World- Wide Web (WWW) cookie 
associated with their headers, and wherein these references are entirely removed from the 
content before the content is supplied to the external client and the references entirely removed 
are reported as custom warning messages to the external client as an event within the content, 
the event identifies for the external client within the content that the true insecure reference was 
removed before being provided to the external client. " to allow for intervention of data being 
delivered across secure Internet connection as suggested by Brown [Brown: abstract: par. 
[0012]. 

As per claim 13: 

Subramaniam further discloses the method of claim 8 wherein the making a 
determination further includes permitting some of the insecure transactions to proceed in a 
modified fashion by transparently processing the external client access attempt within the proxy 
server making the external client access attempt appear to be part of the secure session 
[Subramaniam: Col. 3, lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. 
HTTP) into secure URLs (i.e. HTTPs)]. 
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Claims 10, 12, and 14-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 
Patent Number 6,081,900 (hereinafter Subramaniam) in view of US Patent Application 
Publication US 2003/0131259 Al (hereinafter Barton ) further in view US Patent Application 
Publication 2003/0061387 Al (hereinafter Brown), and further in view of "Netscape Proxy 
Server Administrator's Guide Version 3.5 for Unix", 1997, as provided by applicant (hereinafter 
Netscape_unix_v3.5) 

As per claim 10: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as 
described above. 

Subramaniam further discloses a method permitting the insecure transactions to proceed 
in the modified fashion by changing the reference links from Hypertext Transfer Protocol 
(HTTP) insecure links to HTTP over Secure Sockets Layer (HTTPS) [Subramaniam : Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 

The combination of Subramaniam, Barton, and Brown do not explicitly disclose to 
suppress security warning messages. 

However, Netscape_unix_v3.5 discloses to suppress security warning messages 
[Netscape_unix_v3.5: Chapter 10, pages 1-3; A proxy server can be configured a custom 
message, which sends to an external client. A customized text message can be an empty 
text]. 
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Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Brown by including 
the teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 12: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as described 
above. 

Subramaniam discloses a method permitting insecure transactions to proceed unmodified 
[Subramaniam: Col. 2, lines 36-41]. 

Subramaniam, Barton, and Brown do not explicitly disclose permitting normally 
occurring security warnings to be presented to the client before satisfying the external client 
access attempt to reference the external site. 

However, Netscape_unix_v3.5 discloses permitting normally occurring security warnings 
to be presented to external the client before satisfying the external client access attempt to 
reference the external site [Netscape_unix_v3.5 : Chapter 10, pages 1-3; Chapter 13, page 1; 
A proxy server can be configured a custom message, which sends to an external client. A 
customized text message can be security warning messages]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Brown by including 
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the teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 14: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as 
described above. 

Subramaniam, Barton, and Brown do not explicitly disclose method, wherein the making 
a determination further includes denying the insecure transactions after determining that the 
external client access attempt is corrupted and notifying the external client of a denial. 

However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
attempt is corrupted and notifying the external client of a denial [Netscape_unix_v3.5: Chapter 
13, page 1; A proxy will issue a fatal error (i.e. catastrophe) if an outside agent causes cache 
files to become corrupt]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Brown by including 
the teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 
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As per claim 15: 

The combination of Subramaniam, Barton, and Brown teaches the subject matter as 
described above. 

Subramaniam, Barton, and Brown do not explicitly disclose the method of claim 8 
wherein the making a determination further includes denying the some of the insecure 
transactions after determining that the external client access attempt is corrupted and logging 
information about the external client access attempt. 

However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
attempt is corrupted and logging information about the external client access attempt 
[Netscape_unix_v3.5 : Chapter 13, pages 1-7]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Brown by including 
the teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 
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Conclusion 

The Examiner has cited particular columns and line numbers in the references applied to 
the claims above for the convenience of the Applicant. Although the specified citations are 
representative of the teachings of the art and are applied to specific limitations within the 
individual claim, other passages and figures may apply as well. It is respectfully requested from 
the Applicant in preparing responses, to fully consider the references in entirety as potentially 
teaching all or part of the claimed invention, as well as the context of the passage as taught by 
the prior art or disclosed by the Examiner. 

The Examiner requests, in response to this Office action, support be shown for language 
added to any original claims on amendment and any new claims. That is, indicate support for 
newly added claim language by specifically pointing to page(s) and line number(s) in the 
specification and/or drawing figure(s). This will assist the examiner in prosecuting the 
application. Failure to show support can result in a non-compliant response. 

When responding to this office action, Applicant is advised that if Applicant traverses an 
obviousness rejection under 35 U.S.C. 103, a reasoned statement must be included explaining 
why the Applicant believes the Office has erred substantively as to the factual findings or the 
conclusion of obviousness See 37 CFR 1.111(b). 

Additionally Applicant is further advised to clearly point out the patentable novelty which he or 
she thinks the claims present, in view of the state of the art disclosed by the references cited or 
the objections made. He or she must also show how the amendments avoid such references or 
objections See 37 CFR 1.111(c). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Canh Le whose telephone number is 571-270-1380. The 
examiner can normally be reached on Monday to Friday 7:30AM to 5:00PM other Friday off. 
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